本文整理匯總了Python中unicorn.UC_ARCH_ARM屬性的典型用法代碼示例。如果您正苦於以下問題:Python unicorn.UC_ARCH_ARM屬性的具體用法?Python unicorn.UC_ARCH_ARM怎麽用?Python unicorn.UC_ARCH_ARM使用的例子?那麽, 這裏精選的屬性代碼示例或許可以為您提供幫助。您也可以進一步了解該屬性所在類unicorn的用法示例。
在下文中一共展示了unicorn.UC_ARCH_ARM屬性的6個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: getSelRefFromImpPtr
# 需要導入模塊: import unicorn [as 別名]
# 或者: from unicorn import UC_ARCH_ARM [as 別名]
def getSelRefFromImpPtr(self, eh, imp):
selref = None
retClsName = ""
if eh.arch == unicorn.UC_ARCH_ARM and eh.isThumbMode(imp):
imp |= 1
logging.debug("checking xrefs for IMP %s" % eh.hexString(imp))
for x in idautils.XrefsTo(imp):
if x.frm >= self.objcConst[0] and x.frm < self.objcConst[1]:
# even though imp ptr is stored at offset 0x10 in struct, xref just goes to base of struct, we want the
# first field
for y in idautils.XrefsTo(eh.derefPtr(x.frm)):
if y.frm >= self.objcSelRefs[0] and y.frm < self.objcSelRefs[1]:
selref = y.frm
break
# determine return value's type
# check type string to see if id is returned
typeStr = eh.getIDBString(eh.derefPtr(x.frm + eh.size_pointer))
if len(typeStr) > 0 and typeStr[0] == "@":
# scan imp for ivar reference, grab its type
if eh.arch == unicorn.UC_ARCH_ARM and eh.isThumbMode(imp):
imp = imp & ~1
retClsName = self.getIvarTypeFromFunc(eh, imp)
return selref, retClsName 示例2: processMethod
# 需要導入模塊: import unicorn [as 別名]
# 或者: from unicorn import UC_ARCH_ARM [as 別名]
def processMethod(self, eh, clsName, methodVa, classes, type_):
objc2ClassMethImpOffs = 2 * eh.size_pointer
isAmbiguous, isMsgRef, selRefVA = self.getRefPtr(eh, methodVa)
if selRefVA is None:
return
funcVA = eh.derefPtr(methodVa + objc2ClassMethImpOffs)
if eh.arch == unicorn.UC_ARCH_ARM:
# remove last bit in case of thumb mode address
funcVA = funcVA & ~1
# adjust pointer to beginning of message_ref struct to get xrefs
if isMsgRef:
selRefVA -= eh.size_pointer
# this shouldn't happen now
if selRefVA in map(lambda x: x[0], classes[clsName][type_]):
logging.debug("class name: %s - method type: %s - duplicate selref VA: %s, ignoring.." %
(clsName, type_, eh.hexString(selRefVA)))
else:
logging.debug("class name: %s - method type: %s - selref VA: %s - function VA: %s - ambiguous: %s" %
(clsName, type_, eh.hexString(selRefVA), eh.hexString(funcVA), isAmbiguous))
classes[clsName][type_].append((selRefVA, funcVA, isAmbiguous))
# collect imp and sel/msg ref pointers 示例3: _fixup_thumb_pc
# 需要導入模塊: import unicorn [as 別名]
# 或者: from unicorn import UC_ARCH_ARM [as 別名]
def _fixup_thumb_pc(self, pc):
"""Fix the PC for emu_start to take ARM Thumb mode into account."""
# If the arch mode is UC_MODE_THUMB, force Thumb.
# Otherwise, check Thumb bit in CPSR.
if self._protocol.arch.unicorn_arch == unicorn.UC_ARCH_ARM and \
(self._protocol.arch.unicorn_mode == unicorn.UC_MODE_THUMB or
self._protocol.read_register(self._protocol.arch.sr_name) & 0x20):
pc |= 1
return pc 示例4: __init__
# 需要導入模塊: import unicorn [as 別名]
# 或者: from unicorn import UC_ARCH_ARM [as 別名]
def __init__(self):
Emulator.__init__(self, "ARM",
unicorn.UC_ARCH_ARM,
unicorn.UC_MODE_ARM,
"pc",
32,
["sp", "cpsr"])
self.syscall_regnames = map(lambda x: "x%d" % x, range(0, 8)) + ["x7",
"pc"]
self.stackbot = "fp"
self.stacktop = "sp"
self.syscall_reg = "x7" 示例5: __init__
# 需要導入模塊: import unicorn [as 別名]
# 或者: from unicorn import UC_ARCH_ARM [as 別名]
def __init__(self):
super(Arm, self).__init__()
self.unicorn_arch = unicorn.UC_ARCH_ARM
self.unicorn_mode = unicorn.UC_MODE_ARM
self.capstone_arch = capstone.CS_ARCH_ARM
self.capstone_mode = capstone.CS_MODE_ARM 示例6: getIvarTypeFromFunc
# 需要導入模塊: import unicorn [as 別名]
# 或者: from unicorn import UC_ARCH_ARM [as 別名]
def getIvarTypeFromFunc(self, eh, va):
if va in self.ivarSetters:
return self.ivarSetters[va]
elif va in self.notIvarSetters:
return UNKNOWN
addr = va
endVa = idc.get_func_attr(va, idc.FUNCATTR_END)
if endVa - va < 0x20:
ivarVa = None
while addr <= endVa:
srcOpnd = idc.print_operand(addr, 1)
# if ivar is the src op for an instruction, assume this function will return it
if eh.arch == unicorn.UC_ARCH_ARM and "_OBJC_IVAR_$_" in srcOpnd:
oploc = idc.get_name_ea_simple(
srcOpnd[srcOpnd.find("_OBJC_IVAR_$_"):srcOpnd.find(" ")])
if oploc != idc.BADADDR:
ivarVa = oploc
break
elif eh.arch == unicorn.UC_ARCH_ARM64:
for x in idautils.XrefsFrom(addr):
if (idc.get_segm_name(x.to) == "__objc_ivar" and
idc.get_name(x.to, idc.ida_name.GN_VISIBLE)[:13] == "_OBJC_IVAR_$_"):
ivarVa = x.to
break
elif eh.arch == unicorn.UC_ARCH_X86:
if "_OBJC_IVAR_$_" in srcOpnd:
ivarVa = idc.get_operand_value(addr, 1)
break
addr = idc.next_head(addr, idc.get_inf_attr(idc.INF_MAX_EA))
if ivarVa:
for x in idautils.XrefsTo(ivarVa):
if x.frm >= self.objcConst[0] and x.frm < self.objcConst[1]:
typeStr = eh.getIDBString(
eh.derefPtr(x.frm + eh.size_pointer * 2))
self.ivarSetters[va] = typeStr[2:-1]
logging.debug("%s is an ivar getter function, returning type %s" % (
eh.hexString(va), typeStr[2:-1]))
return typeStr[2:-1]
else:
logging.debug(
"%s determined not to be an ivar getter function", eh.hexString(va))
self.notIvarSetters.append(va)
else:
logging.debug(
"%s determined not to be an ivar getter function", eh.hexString(va))
self.notIvarSetters.append(va)
return UNKNOWN
# returns class or sel name from IDA name